CVE-2026-42227

n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, an authenticated user with a valid API key scoped to variable:list could read variables from projects they are not a member of by supplying an arbitrary projectId query parameter to the public API...

CVE-2026-42227

n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, an authenticated user with a valid API key scoped to variable:list could read variables from projects they are not a member of by supplying an arbitrary projectId query parameter to the public API...

EUVD-2026-27095

n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, an authenticated user with a valid API key scoped to variable:list could read variables from projects they are not a member of by supplying an arbitrary projectId query parameter to the public API...

GHSA-756Q-GQ9H-FP22 n8n has Public API Variables IDOR that Allows Cross-Project Secret Disclosure

Impact An authenticated user with a valid API key scoped to variable:list could read variables from projects they are not a member of by supplying an arbitrary projectId query parameter to the public API variables endpoint. The handler queried the variables repository directly without enforcing...

Securing Agentic AI Systems -- a Multilayer Security Framework

Securing Agentic Artificial Intelligence AI systems requires addressing the complex cyber risks introduced by autonomous, decision-making, and adaptive behaviors. Agentic AI systems are increasingly deployed across industries, organizations, and critical sectors such as cybersecurity, finance, an...

A Safety and Security Framework for Real-World Agentic Systems

This paper introduces a dynamic and actionable framework for securing agentic AI systems in enterprise deployment. We contend that safety and security are not merely fixed attributes of individual models but also emergent properties arising from the dynamic interactions among models, orchestrator...

Deploy Windows Malicious Software Removal Tool in an enterprise environment (KB891716)

Deploy Windows Malicious Software Removal Tool in an enterprise environment KB891716 The Windows Malicious Software Removal Tool MSRT is intended for use with the operating systems that are listed in the "Applies to" section. Operating systems that are not included in the list were not tested and...

Windows Pulse Secure Connect Client Saved Password Extractor

This module extracts and decrypts saved Pulse Secure Connect Client passwords from the Windows Registry. This module can only access credentials created by the user that the Meterpreter session is running as. Note that this module cannot link the password to a username unless the Meterpreter...

File Upload Vulnerability in HKCMS

HkCMS has been committed to providing free and open source content management system for enterprise station building, HkCMS has excellent expansion and secondary development capabilities, can be adapted to enterprise lightweight system development and deployment. HKCMS file upload vulnerability,...

SUSE-SU-2018:3591-2 Security update for MozillaFirefox, MozillaFirefox-branding-SLE, llvm4, mozilla-nspr, mozilla-nss, apache2-mod_nss

This update for MozillaFirefox to ESR 60.2.2 fixes several issues. These general changes are part of the version 60 release. - New browser engine with speed improvements - Redesigned graphical user interface elements - Unified address and search bar for new installations - New tab page listing to...

[EMET v4.0 Beta] Enhanced Mitigation Experience Toolkit

The enhanced Mitigation Experience Toolkit EMET is designed to help prevent hackers from gaining access to your system. Software vulnerabilities and exploits have become an everyday part of life. Virtually every product has to deal with them and consequently, users are faced with a stream of...

How to Plan for Smartphone Security in the Enterprise

From eWEEK Chris De Herrera One of the major challenges CIOs face is the deployment and security of smartphones in the enterprise. It’s important for CIOs to assess how their organization should secure the smartphones employees use to access corporate resources. Here, Knowledge Center contributor...